urlscan.io logo urlscan.io
SecurityTrails logo

g.ieeod0.com Open in urlscan Pro
140.143.116.126  Public Scan

Go To Rescan Add Verdict Report
URL: http://g.ieeod0.com/w/sys_cs.html?c=688&uid=520800&
Submission: On February 13 via manual from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 20 HTTP transactions. The main IP is 140.143.116.126, located in Beijing, China and belongs to CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is g.ieeod0.com.
This is the only time g.ieeod0.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 140.143.116.126 45090 (CNNIC-TEN...)
1 3 115.231.95.105 136190 (CHINATELE...)
2 121.201.25.195 58543 (CHINATELE...)
1 113.105.169.237 134763 (CT-DONGGU...)
1 222.187.225.41 4134 (CHINANET-...)
3 163.171.132.119 54994 (QUANTILNE...)
1 122.226.122.227 136190 (CHINATELE...)
1 47.246.43.181 24429 (TAOBAO Zh...)
1 112.73.28.70 135373 (EFLYPRO-A...)
20 9
9    140.143.116.126 (Beijing, China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
g.ieeod0.com
cm.he2d.com
cookiem.37.com
3    115.231.95.105 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
ss2.he2d.com
pt.clickdata.37wan.com
2    121.201.25.195 (China)

ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)
PTR: 121.201.25.195
statuslogin.37.com
1    113.105.169.237 (Dongguan, China)

ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN)
fb.37cs.com
1    222.187.225.41 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
log.he2d.com
3    163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)
kwcdn.000dn.com
sccdn.s72c.com
1    122.226.122.227 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
aw.kejet.net
1    47.246.43.181 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
stuff.cdn.biddingx.com
1    112.73.28.70 (China)

ASN135373 (EFLYPRO-AS-AP EFLY NETWORK LIMITED, HK)
PTR: ns1.eflydns.net
masky.biddingx.com
Domain Requested by
7 g.ieeod0.com g.ieeod0.com
2 sccdn.s72c.com g.ieeod0.com
2 pt.clickdata.37wan.com g.ieeod0.com
2 statuslogin.37.com g.ieeod0.com
1 masky.biddingx.com
1 stuff.cdn.biddingx.com kwcdn.000dn.com
1 cookiem.37.com
1 cm.he2d.com 1 redirects
1 aw.kejet.net g.ieeod0.com
1 kwcdn.000dn.com g.ieeod0.com
1 log.he2d.com g.ieeod0.com
1 fb.37cs.com g.ieeod0.com
1 ss2.he2d.com 1 redirects
20 13

This site contains no links.

Subject Issuer Validity Valid
*.37cs.com
RapidSSL RSA CA 2018		 2018-12-26 -
2020-03-26		 a year crt.sh

This page contains 2 frames:

Primary Page: http://g.ieeod0.com/w/sys_cs.html?c=688&uid=520800&
Frame ID: 19AC12323202D9960D9A87571045F7F1
Requests: 1 HTTP requests in this frame

Frame: http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
Frame ID: C25B8C030910E2B24DB526B426E7899F
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

20
Requests

5 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

9
IPs

3
Countries

187 kB
Transfer

250 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ss2.he2d.com/csp9y86/688?c=688&uid=520800& HTTP 302
  • http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
Request Chain 14
  • http://cm.he2d.com/1/ HTTP 302
  • http://cookiem.37.com/sys/?u=x6FEXlUt5N8BAAAAwVgi&fdata=

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sys_cs.html
g.ieeod0.com/w/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://g.ieeod0.com/w/sys_cs.html?c=688&uid=520800&
Protocol
HTTP/1.1
Server
140.143.116.126 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
f6337a2e5e900de794156a23cc2617e57ada31510f5e3113ff51ea1720b0a560

Request headers

Host
g.ieeod0.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Thu, 13 Feb 2020 01:09:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 19 Dec 2017 02:24:53 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Expires
Thu, 13 Feb 2020 02:09:26 GMT
Cache-Control
max-age=3600
6227.html
g.ieeod0.com/s/1/683/ Frame C25B
Redirect Chain
  • http://ss2.he2d.com/csp9y86/688?c=688&uid=520800&
  • http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/w/sys_cs.html?c=688&uid=520800&
Protocol
HTTP/1.1
Server
140.143.116.126 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
440fe52944e36eb6e1a92e0b5d247c3b041fcb359882c599058886b43c0a40a1

Request headers

Host
g.ieeod0.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://g.ieeod0.com/w/sys_cs.html?c=688&uid=520800&
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
about:blank

Response headers

Server
nginx
Date
Thu, 13 Feb 2020 01:09:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 10 Feb 2020 02:35:23 GMT
Vary
Accept-Encoding
Cache-Control
no-cache no-cache
Content-Encoding
gzip

Redirect headers

Content-Type
text/plain
Content-Length
0
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie
u=x6FEXlUt5N8BAAAAwVgi; Expires=Sun, 10-Feb-30 01:09:27 GMT; Domain=he2d.com; Path=/ fh=44501:1; path=/csp9y86/688; Expires=Fri, 14-Feb-2020 01:09:27 GMT pc=0:1581556167; path=/csp9y86/688; Expires=Thu, 13-Feb-2020 02:00:00 GMT
Location
//g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
style.min.css
g.ieeod0.com/css/ Frame C25B 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://g.ieeod0.com/css/style.min.css?bust=20170531164300VER
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
Protocol
HTTP/1.1
Server
140.143.116.126 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
d9c2db3d868bcb4e3c26026a56d30c97f8591f180362b9dcf810cc1871a32fe3

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Sep 2019 09:16:14 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
c.php
g.ieeod0.com/api/ Frame C25B 		959 B
915 B 		Script
General
Check archive.org
Download Go to
Full URL
http://g.ieeod0.com/api/c.php?platform_id=1&union_id=683&union_type=7&link_id=6227
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
Protocol
HTTP/1.1
Server
140.143.116.126 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
f13c8c3dedbd51e3fc15e11bc5d4eba33c5f50bab14fe6fa08ddd7996a222b82

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Feb 2020 01:09:32 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Pramga
no-cache
common.min.js
g.ieeod0.com/js/ Frame C25B 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://g.ieeod0.com/js/common.min.js?bust=20190708164300VER
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
Protocol
HTTP/1.1
Server
140.143.116.126 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
390bb3cea9a2fae28c51893af509111a7cfcb082d525bc118f7f4dfa865278f0

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Sep 2019 09:54:14 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
g2.js
g.ieeod0.com/js/1/ Frame C25B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://g.ieeod0.com/js/1/g2.js?0.9320940640530417
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/js/common.min.js?bust=20190708164300VER
Protocol
HTTP/1.1
Server
140.143.116.126 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
2f231fc9c4c0628dc3848ed85b58bd97360a6331f116d906fa20f64441225f62

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jul 2019 09:04:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
login.php
statuslogin.37.com/api/ Frame C25B 		13 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
http://statuslogin.37.com/api/login.php?action=status&game_id=620&server_id=241332&callback=_loginfb&tid=1&0.10210306618323184
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/js/common.min.js?bust=20190708164300VER
Protocol
HTTP/1.1
Server
121.201.25.195 , China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN),
Reverse DNS
121.201.25.195
Software
nginx /
Resource Hash
cec389e2655885f68f4f880560b40d0d71adfd22f0c01b07a5105195b809cf3b

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:33 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
track.php
fb.37cs.com/feedback/ Frame C25B 		0
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fb.37cs.com/feedback/track.php?step=2
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/js/common.min.js?bust=20190708164300VER
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
113.105.169.237 Dongguan, China, ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 01:09:33 GMT
Server
openresty
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Transfer-Encoding
chunked
Content-Type
text/html
ua-parser.min.js
g.ieeod0.com/js/ Frame C25B 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://g.ieeod0.com/js/ua-parser.min.js?0.21647510110831258
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/js/1/g2.js?0.9320940640530417
Protocol
HTTP/1.1
Server
140.143.116.126 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
ea0f9e28d1142b22aef67786b3f2a4200692fa30e523b8d7bab19630c57b2dd3

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Aug 2017 11:38:54 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
ps.gif
pt.clickdata.37wan.com/ Frame C25B 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pt.clickdata.37wan.com/ps.gif?id=79&e1=http%3A%2F%2Fg.ieeod0.com%2Fs%2F1%2F683%2F6227.html%3Fp%3D1%26un%3D683%26l%3D6227%26uid%3D520800%26a%3D44501%26pd%3D1%26g%3D620%26gs%3D240883%26s%3D40%26t%3D1%26v%3DU1NeRKHHGqIsiX0TsdQ.%26c%3D995%26cg%3D5605%26b%3D0%26n%3D1%26sz%3D-1&e2=http%3A%2F%2Fg.ieeod0.com%2Fw%2Fsys_cs.html%3Fc%3D688%26uid%3D520800%26&e3=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&e4=&e5=Linux%20x86_64
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
Protocol
HTTP/1.1
Server
115.231.95.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:34 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
ps.gif
pt.clickdata.37wan.com/ Frame C25B 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pt.clickdata.37wan.com/ps.gif?id=30&e1=683&e2=520800&e3=44501scsg&e4=6227&e5=Chrome&e6=74.0.3729.169&e7=Mac%20OS&e8=10.14.5&e9=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&e10=995
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
Protocol
HTTP/1.1
Server
115.231.95.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:34 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
2.js
log.he2d.com/s/1/683/6227/ Frame C25B 		10 B
343 B 		Script
General
Check archive.org
Download Go to
Full URL
http://log.he2d.com/s/1/683/6227/2.js?uid=520800&lt=2311&key=0&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&tid=2&0.07775905664600469
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/js/common.min.js?bust=20190708164300VER
Protocol
HTTP/1.1
Server
222.187.225.41 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
nginx /
Resource Hash
623017a5748ff1b4e9d0f227f5cd58869ae4959d1ca8fd204c9441cd11e2695b

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:35 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
login.php
statuslogin.37.com/api/ Frame C25B 		16 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
http://statuslogin.37.com/api/login.php?action=status&game_id=620&server_id=241332&callback=_loginCheck&tid=3&0.683995192682578
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/js/common.min.js?bust=20190708164300VER
Protocol
HTTP/1.1
Server
121.201.25.195 , China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN),
Reverse DNS
121.201.25.195
Software
nginx /
Resource Hash
983e992748b926bb5f6f234982508926f8cee937d54e7144c58d8a61e5174ae4

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:35 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
shunfeiCL.js
kwcdn.000dn.com/js/ Frame C25B 		384 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
http://kwcdn.000dn.com/js/shunfeiCL.js
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/js/1/g2.js?0.9320940640530417
Protocol
HTTP/1.1
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
ce1c4760daeaaea8b0e9878bf0cac9e0de3aa48fce58ec019f70806577f37c1e

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:36 GMT
Last-Modified
Tue, 28 Nov 2017 09:07:33 GMT
Server
nginx
ETag
"5a1d2755-180"
X-Ws-Request-Id
5e44a1cf_PSdgflkfFRA2po7_29255-9008
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
384
X-Via
1.1 xxxz56:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:10 (Cdn Cache Server V2.0)
t
aw.kejet.net/ Frame C25B 		0
431 B 		Script
General
Check archive.org
Download Go to
Full URL
http://aw.kejet.net/t?p=w2b&c=2i
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/js/1/g2.js?0.9320940640530417
Protocol
HTTP/1.1
Server
122.226.122.227 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 01:09:35 GMT
Server
Tengine
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-store, no-cache, must-revalidate,post-check=0,pre-check=0
Connection
close
Content-Length
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
cookiem.37.com/sys/ Frame C25B
Redirect Chain
  • http://cm.he2d.com/1/
  • http://cookiem.37.com/sys/?u=x6FEXlUt5N8BAAAAwVgi&fdata=
0
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cookiem.37.com/sys/?u=x6FEXlUt5N8BAAAAwVgi&fdata=
Protocol
HTTP/1.1
Server
140.143.116.126 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:42 GMT
Server
nginx
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Thu, 13 Feb 2020 01:09:41 GMT

Redirect headers

Date
Thu, 13 Feb 2020 01:09:35 GMT
Server
nginx
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://cookiem.37.com/sys/?u=x6FEXlUt5N8BAAAAwVgi&fdata=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
154
Expires
Thu, 13 Feb 2020 01:09:34 GMT
pm.jpg
sccdn.s72c.com/swfs/6b/44501scsg/ Frame C25B 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sccdn.s72c.com/swfs/6b/44501scsg/pm.jpg
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/w/sys_cs.html?c=688&uid=520800&
Protocol
HTTP/1.1
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
72a5840adc2f79852697bbd9f0b4413d7e12cac09bbb6faaac7a648c69de6737

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:35 GMT
Last-Modified
Thu, 16 Jan 2020 08:03:33 GMT
Server
nginx
ETag
"5e2018d5-23dc3"
X-Ws-Request-Id
5e44a1cf_PSdgflkfFRA2po7_29167-45137
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
146883
X-Via
1.1 dxin115:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:8 (Cdn Cache Server V2.0)
Expires
Thu, 13 Feb 2020 01:39:22 GMT
bg_filter_cover.png
sccdn.s72c.com/images/ Frame C25B 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sccdn.s72c.com/images/bg_filter_cover.png
Requested by
Host: g.ieeod0.com
URL: http://g.ieeod0.com/w/sys_cs.html?c=688&uid=520800&
Protocol
HTTP/1.1
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
dedb5bef57662905ad031fdad9b602d70d5b6848198a34b01f095f3269ab0878

Request headers

Referer
http://g.ieeod0.com/css/style.min.css?bust=20170531164300VER
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 01:09:35 GMT
Last-Modified
Tue, 19 Jul 2016 06:23:22 GMT
Server
nginx
Age
1
ETag
"578dc75a-3ee"
X-Ws-Request-Id
5e44a1cf_PSdgflkfFRA2po7_29255-9011
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1006
X-Via
1.1 dianxin121:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2so76:8 (Cdn Cache Server V2.0)
Expires
Thu, 13 Feb 2020 02:00:45 GMT
vc.min.js
stuff.cdn.biddingx.com/js/ Frame C25B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://stuff.cdn.biddingx.com/js/vc.min.js
Requested by
Host: kwcdn.000dn.com
URL: http://kwcdn.000dn.com/js/shunfeiCL.js
Protocol
HTTP/1.1
Server
47.246.43.181 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
19c7ca1a7b177c9ca788c18210c7ede8daee5e36a694168dbd5de912d0953a2f

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 00:46:19 GMT
Via
cache47.l2de1[0,304-0,H], cache17.l2de1[0,0], cache9.de2[6,200-0,H], cache3.de2[18,0]
Age
1398
X-Cache
HIT TCP_REFRESH_HIT dirn:11:400890463
X-Swift-CacheTime
3600
Connection
keep-alive
Content-Length
1250
Last-Modified
Fri, 08 Sep 2017 08:13:15 GMT
Server
Tengine
ETag
"59b2511b-4e2"
Ali-Swift-Global-Savetime
1574526822
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
Timing-Allow-Origin
*
EagleId
2ff62b9715815561773632569e
X-Swift-SaveTime
Thu, 13 Feb 2020 01:09:37 GMT
pri
masky.biddingx.com/pdmp/do/ Frame C25B 		43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://masky.biddingx.com/pdmp/do/pri?cate=%E5%88%B0%E8%BE%BE%E8%BF%8737%E5%BC%B9%E7%AA%97&cid=34770
Protocol
HTTP/1.1
Server
112.73.28.70 , China, ASN135373 (EFLYPRO-AS-AP EFLY NETWORK LIMITED, HK),
Reverse DNS
ns1.eflydns.net
Software
Tengine/2.2.0 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
http://g.ieeod0.com/s/1/683/6227.html?p=1&un=683&l=6227&uid=520800&a=44501&pd=1&g=620&gs=240883&s=40&t=1&v=U1NeRKHHGqIsiX0TsdQ.&c=995&cg=5605&b=0&n=1&sz=-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 01:09:38 GMT
Server
Tengine/2.2.0
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| flag object| flash_tit function| flash_title function| getParam string| c string| box_url number| iStep

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aw.kejet.net
cm.he2d.com
cookiem.37.com
fb.37cs.com
g.ieeod0.com
kwcdn.000dn.com
log.he2d.com
masky.biddingx.com
pt.clickdata.37wan.com
sccdn.s72c.com
ss2.he2d.com
statuslogin.37.com
stuff.cdn.biddingx.com
112.73.28.70
113.105.169.237
115.231.95.105
121.201.25.195
122.226.122.227
140.143.116.126
163.171.132.119
222.187.225.41
47.246.43.181
19c7ca1a7b177c9ca788c18210c7ede8daee5e36a694168dbd5de912d0953a2f
2f231fc9c4c0628dc3848ed85b58bd97360a6331f116d906fa20f64441225f62
390bb3cea9a2fae28c51893af509111a7cfcb082d525bc118f7f4dfa865278f0
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
440fe52944e36eb6e1a92e0b5d247c3b041fcb359882c599058886b43c0a40a1
623017a5748ff1b4e9d0f227f5cd58869ae4959d1ca8fd204c9441cd11e2695b
72a5840adc2f79852697bbd9f0b4413d7e12cac09bbb6faaac7a648c69de6737
983e992748b926bb5f6f234982508926f8cee937d54e7144c58d8a61e5174ae4
ce1c4760daeaaea8b0e9878bf0cac9e0de3aa48fce58ec019f70806577f37c1e
cec389e2655885f68f4f880560b40d0d71adfd22f0c01b07a5105195b809cf3b
d9c2db3d868bcb4e3c26026a56d30c97f8591f180362b9dcf810cc1871a32fe3
dedb5bef57662905ad031fdad9b602d70d5b6848198a34b01f095f3269ab0878
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0f9e28d1142b22aef67786b3f2a4200692fa30e523b8d7bab19630c57b2dd3
f13c8c3dedbd51e3fc15e11bc5d4eba33c5f50bab14fe6fa08ddd7996a222b82
f6337a2e5e900de794156a23cc2617e57ada31510f5e3113ff51ea1720b0a560